OAuth2 for native apps and beyond

Room 4B - Payara

Tuesday at 10:30 - 11:30

Do you want to build a cool iOS/Android app to share your photos on Twitter, Facebook or Google+? If so, you will need to authenticate through OAuth2. Instead of using their own authentication schemes, most providers choose to implement OAuth2. It gives users a secure way to talk to their services, but more importantly, allows users to safely authorise access to their data from third-party services without giving them their credentials.

If you think security topic is hard to tackle, join us! We'll make OAuth2 framework, OpenID Connect protocol, JWT (Json Web Token), and even encryption (with Alice and Bob) easy to understand. With some drawings and chatting, tokens are fun and OAuth2 will have no secret to you!

We'll see the challenges to overcome from a native app perspective: embedded web view vs external browser, URL schema for callback, local storage for tokens, refresh access tokens transparently... And what about Hybrid app? Could we bring the power of native apps to Hybrid through Cordova plugins? Unbearable suspense.

Erik Jan de Wit is a Senior Engineer at JBoss by Red Hat and a responsible for mobile development. Erik Jan created mobile games that used cordova and now uses that know how to support cordova for AeroGear.